1. Field of the Invention
The invention relates to a method for carrying out an application with the help of a portable data carrier as well as a corresponding portable data carrier.
2. Related Art
Personal portable data carriers are more and more used to make it possible for users to carry out software-based useful applications with the help of software to which the user has only limited access. The target of software-based useful applications typically is to change a data stock which is managed by a third party. An example of such software-based useful applications is in particular the carrying out of electronic transactions, such as banking transactions, via the Internet. Upon carrying out software-based useful applications, hereinafter referred to as applications, with interposition of a communication between a terminal and a server, there is the need of protecting the corresponding communication connections from manipulations by third parties. This plays a role in particular upon carrying out applications in the form of electronic transactions via the Internet.
From the prior art there are known various methods for protecting transactions against manipulations. Upon electronically carrying out banking transactions, there is used in particular the PIN/TAN method in various forms. Here, a user logs in with a PIN by means of his browser to the banking server of his bank and inputs via a corresponding data connection, which preferably is cryptographically secured, the transaction data of the transaction to be carried out. In the case of the simple TAN method, the user has received a list of multi-digit TAN numbers before, while the TAN numbers are also stored on the bank server. For completing a transaction, the user must input a corresponding yet unused TAN number from the list. The bank server then checks whether the TAN is valid, i.e. comes from the user's list and has not yet been used by the user. If so, the corresponding banking transaction is finally executed by the server.
In a further development of the above TAN method, the so-called iTAN method, the user's list of TAN numbers is indexed. In order to increase the security, for completing the transaction the user is prompted to input a TAN with a specific index number. An attacker having a TAN number from the list thus possibly has to make a multiplicity of attempts for carrying out a transaction, until the server finally requests the TAN with the index which the fraudster has at the disposal. By appropriately limiting the number of misentries, the security can be suitably increased.
In a further embodiment of an electronic TAN method, the so-called mTAN method, the TAN to be inputted has not been sent to the user before in the form of a list, but the server sends the TAN as an SMS message to a personal mobile phone of the user. For confirming the transaction, the user inputs the TAN transmitted to his mobile phone, which is shown to him on the display of this device, via the user interface of the computer on which he carries out the Internet banking. This method has further advantages, since an attacker has to obtain, by means of corresponding malicious software, control of both the computer on which the Internet banking is carried out and of the user's mobile phone. This method, however, has the disadvantage that upon inputting the TAN there occur delays which are caused by the sending of the TAN SMS to the mobile phone. In addition, for the user there arise additional costs from the transmission of the TAN SMS, because the fees for sending the SMS normally are charged to the user.
DE 10 2004046847A1 discloses a method for carrying out a transaction, which is executed by means of a chip card, a PC and a server. Starting out from the PC, transaction data are transmitted via a first data connection to a server, on the one hand, and passed on via a second data connection to the chip card, on the other hand. Via a third data connection the server furthermore sends authentication data to the chip card. The chip card carries out security checks with the data obtained and effects that data contained in the authentication data are displayed for checking by a user. The method has a high security, but requires an absolutely trustworthy display. Such can be provided in a suitable card-reader device, but then causes corresponding additional expenses. In a variant, the server sends the authentication data partly to a mobile phone, on the display of which there are represented data contained in the authentication data for checking by a user. In the no-error case, the user transmits authentication information contained in the authentication data via the PC to the chip card. Since a mobile phone display can be regarded as trustworthy, the variant further increases the security. However, it requires availability and use of a mobile phone network. Thus, the applicability of the method is limited, on the one hand, and the use of the mobile phone network causes effort and costs, on the other hand.
In the document WO 2008/046575 A1 there is described a method for carrying out an application with the help of a portable data carrier, in which the application is carried out with the help of a first and second terminal with interposition of the data carrier. The method can also be used in particular for executing electronic banking transactions. The communication carried out thereby always takes place with interposition of the portable data carrier. In the method, transaction data are first inputted via the first terminal, said first terminal being in particular a personal computer. Then the data are transmitted to the portable data carrier, which forwards these to a second terminal, e.g. to a mobile phone. The transaction must then be released by a user by means of an input at the second terminal, whereupon the transaction data are transmitted from the data carrier to a server which executes the transaction.
In the document US 2003/0087601 A1 there is described the use of a security token having two interfaces for the secured data transmission between a mobile phone and a PC. The token here communicates via a contactless interface, for example based on Bluetooth or infrared, with the mobile phone and via a contact-type interface with the PC.